DPS checking computer system after hacking; Tobin outraged

State police said Friday that they are checking the security of the agency’s computer system after an attack by hackers and they are investigating to determine the extent of the infiltration.

The Lulz Security hacking collective claimed on Thursday that it successfully accessed the Arizona Department of Public Safety computer system and took data including sensitive case files and the phone numbers and addresses of some officers.

Many of the files LulzSec posted online were innocuous and included invitations to conferences and even some inspirational messages. Others focused on the activity and habits of drug cartels and threats to homeland security, and many came from the Department of Homeland Security.

In one DHS assessment, the federal agency said drug trafficking and associated violence “represent the greatest threat to U.S. border security emanating from Sonora,” referring to the Mexican state that borders Arizona. In another, the agency writes how terrorists can obtain acquire common chemicals to fashion homemade explosives.

So far, only seven out of DPS’ 1,700 employees have had their email accounts compromised and their personal information seized by the group of hackers, an agency spokesman said.

“We’re concerned that somebody was able to get that far,” DPS Capt. Steve Harrison said Friday in an interview with The Associated Press. “We don’t consider it so severe that it’s going to compromise future investigations.”

Harrison said it doesn’t appear the hackers accessed DPS’ main server, but they may have gained entry to a computer that officers use to log onto email accounts and download whatever information was on that server’s hard drive.

Some of the data the hackers may have obtained is information that DPS doesn’t want to fall into the hands of drug traffickers and other criminals, Harrison said.

“It could be how drug trafficking organizations work, drug concealment methods – things that we wouldn’t necessarily want drug traffickers to know that we know,” he said.

State police notified other police agencies after the attack occurred, urging them to apply security measures and protocols to check and secure computer systems in case LulzSec attempted to access other police computer systems in Arizona.

DPS has not received any reports of other police computer systems being compromised, Harrison said.

A spokesman for the Phoenix office of the FBI says the agency was aware of the computer hacking situation at DPS.

“At this time we’re not confirming or denying that we’re involved in the investigation,” said agent Manuel Johnson, an FBI spokesman.

The head of the state police union said it is alarmed by the computer attack.

“We understand that some of the information that they have obtained could compromise the safety of our officers,” said Jimmy Chavez, president of the Arizona Highway Patrol Association.

The cyber attackers said they were specifically targeting DPS because of the state’s tough immigration enforcement law known as SB1070 “and the racial profiling anti-immigrant police state that is Arizona.”

The LulzSec group also said it planned to release “more classified documents and embarrassing personal details of military and law enforcement” every week, but it was unclear whether other Arizona agencies were targeted.

Arizona Attorney General Tom Horne said he was not immediately able to identify specific crimes involved with LulzSec’s hack, but the group’s actions could be prosecuted under either state or federal statutes.

Arizona House Speaker Andy Tobin is expressing outrage over the incident, especially because the group is posting the files online.

The disclosures include names, phone numbers and addresses of some officers.

Tobin says the action puts officers and their families at risk. And he says he’s particularly troubled that the hacking is said to be a response to Arizona’s enactment of SB1070, a 2010 law on illegal immigration enforcement.

The Paulden Republican says the group should be prosecuted to the full extent possible.

He also says lawmakers will consider whether additional steps are needed to hold those responsible accountable if the disclosures result in harm to officers and their families.

Associated Press writers Amanda Lee Myers and Paul Davenport in Phoenix, and Raphael G. Satter in London contributed to this report.

2 comments

Paulden putz Andy Tobin needs to understand you reap what you sow. When you tear families apart and put them at risk, as SB1070 has done, you are foolish to expect there will not be a price to be paid.